[Mailman-Users] Automatically add virtual-mailman aliases to aPostfix sender access list

[Mark Sapiro]

Yeray Gutiérrez Cedrés wrote:

>I'm new to Mailman and I wonder if there is a proper way to
>automatically add the addresses created in the virtual-mailman file
>(when a new list is created) to a list for the check_sender_access
>postfix restriction. For example, if I create the list "mailmantest",
>the following is added to the virtual-mailman file:
>
># STANZA START: mailmantest
># CREATED: Wed Aug 26 11:32:36 2009
>mailmantest at domain.tld              mailmantest
>mailmantest-admin at domain.tld        mailmantest-admin
>mailmantest-bounces at domain.tld      mailmantest-bounces
>mailmantest-confirm at domain.tld      mailmantest-confirm
>mailmantest-join at domain.tld         mailmantest-join
>mailmantest-leave at domain.tld        mailmantest-leave
>mailmantest-owner at domain.tld        mailmantest-owner
>mailmantest-request at domain.tld      mailmantest-request
>mailmantest-subscribe at domain.tld    mailmantest-subscribe
>mailmantest-unsubscribe at domain.tld  mailmantest-unsubscribe
># STANZA END: mailmantest
>
>In my Postfix main.cf file I have:
>
>smtpd_sender_restrictions =
>     check_sender_access hash:/etc/postfix/lists_relay,
>     reject
>
>The /etc/postfix/lists_relay file is like this:
>
>mailmantest at domain.tld OK
>mailmantest-admin at domain.tld OK
>mailmantest-bounces at domain.tld OK
>
>And so on.
>
>I'd like those entries in the /etc/postfix/lists_relay file to be
>created automatically after running "newlist mailmantest".


Assuming that your lists_relay is intended to whitelist outgoing
messages from Mailman, the -bounces entry should be sufficient as all
messages from Mailman are sent with envelope from SOMELIST-bounces or
mailman-bounces except in one rare circumstance, notices of
mailman-bounces bounces are sent with envelope from mailman-loop.

I see two ways you can deal with this automatically.

If you are comfortable with Python, you could modify
Mailman/MTA/Postfix.py to write a third files containing the
information you want and call postmap to update the corresponding hash
database.

Perhaps a simpler solution is to set POSTFIX_MAP_CMD which defaults to
'/usr/sbin/postmap' to point instead to a shell script which does

/usr/bin/postmap $1

followed by a sed or whatever to create the file you want by editing
the virtual-mailman file and finally by another postmap to update the
hash db.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan